CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4674

admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/8774
http://www.securityfocus.com/bid/35079
https://exchange.xforce.ibmcloud.com/vulnerabilities/50722
http://www.exploit-db.com/exploits/8774
http://www.securityfocus.com/bid/35079
https://exchange.xforce.ibmcloud.com/vulnerabilities/50722

Products affected by CVE-2009-4674

Mole-Group » Bus Ticket Script » Version: N/A

cpe:2.3:a:mole-group:bus_ticket_script:-
Mole-Group » Sky Hunter Airline Ticket Sale Script » Version: N/A

cpe:2.3:a:mole-group:sky_hunter_airline_ticket_sale_script:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4674

Products

Pricing

Contact Us